albums:only viewers_family group members should see album_familyonly viewers_friends group members should see album_friendsany viewers_family or viewers_friends group members should see album_friends_and_family

Now, group viewers_friends in configured with no rights at all but the 'view gallery' Gallery right. Managed albums album_friends and album_friends_and_family have been assigned to group viewers_friends where the edit album checkbox is unchecked in both cases. The three albums are published as viewers in different groups are expected to be able to have access to them.

However, users mike and ann are not restricted to those two albums (album_friends and album_friends_and_family) but album_family is displayed to them too.

Firstly, I should have added Zenphoto gallery was set up as private gallery so Zenphoto--Option--Gallery--Gallery type was set to private.

Your hint has been useful indeed. Actually, the moment I read your third sentence it was all clear in my mind. I have read the Rules of protection and visibility for Zenphoto objects a number of times but somehow every time I took for granted that passwords would result in the user having to type an additional password to access the album.

In order to clear this/my confusion and help out other Zenphoto users, I've partly rewritten the section (draft-like). If you'd like some support from a Zenphoto user standpoint, this is the way I would put it:

----------...Galleries can be either public or private.

In a public gallery there are four possible states of an object as described below. Logged on Zenphoto users may have rights that override local password protection and published state. See above.1.- Published/not password protected: Any one can see these items2.- Not published/not password protected: People have to "know about" these items to view them. (That is they need to know the URL, they will not show in menus if the visitor does not have the appropriate credentials.)3.- Published/password protected: People will know of these items (they will show in menus) but not be able to access them without the password.4.- Not published/password protected: These are truely restricted to "logged in users". They require the appropriate credentials to access or see in menus.

Private galleries are equivalent to having all objects password protected. In a private gallery objects can be granted any of the four possible states listed above.

The use of the groups plugin alongside setting a gallery private can allow the admin to set different permissions for different albums based on group membership. For a private gallery hosting different groups and album permissions to be properly configured, all albums must be set as unpublished. Thus, only users/groups with permission to access a given album would be allowed to view/edit it. If, in this context, the status of an album were set to published, any user/group would be able to access it. For global privacy and local access permissions to apply, objects should only be allowed the following state:

Album unpublished/ password-protected gallery: These are truely restricted to "logged in users". They require the appropriate credentials to access or see in menus.----------

This does look good. We will incorporate it into the documentation. Please feel free to contribute to other parts of our docments that need clarification.

Unfortunately it is almost impossible for developers to write documentation that is unambiguous to "normal" users. Developers always "know" how things should work so leave out or over simplify the writeup. Unfortunately we have no "documentors" as part of our team.

Just a note. It would be best if you would create a ticket with this note so that we are sure it does not get forgot. I am not able to make the update now, and while I hope I will remember, the only way to be sure is to have this in the tracking system.